Are Brute Force Attacks a Threat to Your Seed Phrase?

Brute force is a cybersecurity attack method characterized by a thorough and systematic trial-and-error approach to determining passwords, encryption keys, or sensitive information. 

The basic principle behind brute force attacks is to try all possible combinations until the correct one is found. This resource-intensive method can be effective when the targeted systems do not have strong security measures.

However, seed phrases are considered very secure by modern standards. With a 12- or 24-word seed phrase out of 2048 possible words, determining the right words in the right sequence is almost impossible. In addition, computers and computing power are getting more advanced yearly, so could your seed phrase be brute-forced someday by a hacker with access to a quantum computer? Let's find out.

Understanding seed phrases

A seed phrase, mnemonic phrase, or recovery seed is crucial in cryptocurrency wallets, especially those following the BIP-39 (Bitcoin Improvement Proposal 39) standard. It is a sequence of words that serve as a backup and recovery mechanism for cryptographic keys within a wallet.

Typically made up of 12, 18, or 24 words, the seed phrase acts as a human-readable expression of a wallet's private key. It is generated during the initial setup of a wallet, and users are instructed to store it securely, offline, and away from unauthorized access. 

Your crypto wallet security relies heavily on the protection of the seed phrase. Anyone with access to your seed phrase can gain control over your funds.

Can a brute force attack expose your seed phrase?

Seed phrases are highly resistant to hacking. Their complexity results in billions of combinations, making brute-force attacks impractical.  Here's an analysis by an astute Redditor matejcik (u/matejcik), who did the math: 

There are approximately 500 million cryptocurrency users at present. Let's assume each user has a 12-word seed.

This implies that attempting to brute-force through all possible 12-word seeds would give you a chance to discover a non-empty wallet after approximately 340 282 366 920 938 463 463 374 607 431 tries (equivalent to 3.4 * 10^29).

According to mempool, the Foundry USA mining pool boasts a hashrate of 162 EH/s, translating to 162*10^18 hashes per second. This positions them as arguably the most substantial single-purpose supercomputer globally. While focusing solely on mining bitcoins, they outperform traditional supercomputers in this specific task.

In 24 hours, they mine 40 blocks, resulting in a consistent income of 252 BTC daily.

Brute-forcing seeds require different hardware, with over 2000 times more operations needed per seed. However, for the sake of this experiment, let's assume the hardware is the same. By dividing 162 EH/s by 2000, the resulting hashrate is 81 Pseeds/s, equivalent to 81 * 10^15 seeds per second.


If we divide the 3.4*10^29 attempts per seed by 81 * 10^15 seeds per second, we get 4 billion seconds per seed. In other words, finding a seed with funds would take 133 years.

Let's imagine an incredibly wealthy individual investing in custom-made hardware, purchasing 100 times more than Foundry USA. This hardware is specifically designed for brute-forcing seeds, and it operates for one year to find a particular seed—let's say, yours.

This operation would require forgoing at least 40 blocks or 250 BTC per day, a substantial portion of which would cover the electricity expenses of this energy-consuming operation.

In conclusion, Brute-forcing 128-bit seeds is not viable and likely never will.

What is the potential impact of quantum computing on brute force attacks?

Quantum computing could lead to a significant breakthrough in encryption, potentially rendering current standards easily breakable. There are even claims that high-value encrypted data is being stored in anticipation of this development, and some major platforms are already offering servers equipped with quantum bits.

So, how long would it take before quantum computing becomes a prevalent brute-force tool in the crypto scene? What can we expect regarding its application, and what safety concerns might arise?

Brute-forcing a seed phrase is not like "breaking encryption," as quantum computers excel in. Some quantum algorithms can decrease the difficulty, but it's not enough.

In essence, the difficulty could be reduced from 128 bits to 64 bits. While this is a significant reduction, it'd require a much larger quantum computer than a classical one would be required. Secondly, each attempt would be considerably slower by several orders of magnitude. Third, the ability to compensate by "buying more hardware" is limited due to insufficient hardware availability.

Moreover, the 64-bit difficulty level is currently breakable, but it's on the verge of being "usually not worth the expense." The challenges posed by quantum computing make it "basically never worth it" for brute-forcing seed phrases.

Final thoughts

Brute-forcing isn't a significant concern to seedphrase and private key security. It's highly implausible that an individual or corporation would have the financial and technological resources to meticulously sift through and employ brute force to compromise a loaded crypto wallet. 

Even with a quantum computer, the same algorithm that might benefit quantum computing in seed testing can also accelerate bitcoin mining by a similar factor while demanding much less processing power than brute-force attempts. Simply put, mining BTC and other crypto is far more profitable than trying to brute force seed phrases.

Keeping your seed phrase safe

Your concern should not lie in the vulnerabilities from a brute-force standpoint but rather in how you secure and store your seed phrases. The seed phrase is the sole barrier to safeguarding your assets from prying eyes. We've seen many scenarios where people accidentally expose their seed phrases or save them on compromised devices. 

The Tangem Wallet allows you to set up a secure crypto wallet without using a seed phrase. It generates your private key offline in a secure chip and never exposes it to anyone; not even you or Tangem. Get a seedless hardware wallet today and obtain real peace of mind, knowing that your life savings/investments will always be there.